core/certmanager.lua

changeset 2554
b877533d4ec9
child 2563
1ede33f50ab4
2553:c3afa1e02e8f 2554:b877533d4ec9
1 local configmanager = require "core.configmanager";
2 local ssl = ssl;
3 local ssl_newcontext = ssl.newcontext;
4
5 local setmetatable = setmetatable;
6
7 local prosody = prosody;
8
9 module "certmanager"
10
11 -- These are the defaults if not overridden in the config
12 local default_ssl_ctx = { mode = "client", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
13 local default_ssl_ctx_in = { mode = "server", protocol = "sslv23", capath = "/etc/ssl/certs", verify = "none", options = "no_sslv2"; };
14
15 local default_ssl_ctx_mt = { __index = default_ssl_ctx };
16 local default_ssl_ctx_in_mt = { __index = default_ssl_ctx_in };
17
18 -- Global SSL options if not overridden per-host
19 local default_ssl_config = configmanager.get("*", "core", "ssl");
20
21 function get_context(host, mode, config)
22 local ssl_config = config and config.core.ssl or default_ssl_config;
23 if ssl and ssl_config then
24 return ssl_newcontext(setmetatable(ssl_config, mode == "client" and default_ssl_ctx_mt or default_ssl_ctx_in_mt));
25 end
26 return nil;
27 end
28
29 function reload_ssl_config()
30 default_ssl_config = config.get("*", "core", "ssl");
31 end
32
33 prosody.events.add_handler("config-reloaded", reload_ssl_config);
34
35 return _M;
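Review bot: `reload_ssl_config` (gutter line 30) calls `config.get(...)`, but the only binding this file creates for the config module is the local `configmanager` on line 1. After `module "certmanager"`, undeclared names resolve in the module table, so `config` is expected to be nil there and the "config-reloaded" handler would raise instead of refreshing `default_ssl_config`. The line should read `default_ssl_config = configmanager.get("*", "core", "ssl");`. Separately, both default tables on lines 12-13 set `verify = "none"` and limit the protocol only with `no_sslv2`, so a context built from them does not validate the peer certificate even though `capath` is set. A comment there such as `-- NOTE: peer certificates are not verified unless the config sets verify` would make that explicit.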
